I have come to the conclusion that I cannot rely on commercial certification authorities with whom I do not have an outstanding contract.
This means that the security layer of Mozilla is useless to me. To make it useful to me, there are several things that Mozilla must administratively do. Since the cost of these things is so high, I know that I am never going to see them implemented, and so I am not ever going to be able to trust Mozilla products again. However, for the sake of discussion, here are the things which Mozilla must do (and CABForum is simply corrupted, so there is no means for me to trust it even if it tries to say that it's doing what Mozilla itself must do):

1) Mozilla must run its own CA, which does not grant authority to end entities. Instead, it must run its own CA which accredits other certifiers. This CA must have the capacity to unilaterally, instantly, and globally suspend the trust of any participant in its root program as soon as it is determined that a fraudulent identity certificate had been issued, regardless of whether a court of jurisdiction ordered the provision of an identity theft by the state. (As has happened at least once in Mozilla's root program history.)

2) Mozilla must run a guaranteed-availability OCSP response system, and treat an unknown status as a FAIL.

3) Mozilla must not bow to pressure from government, even in the face of a threat of the loss of its 501(c)(3) status or criminal liability for its officers.

In other words, Mozilla is not going to use its position to improve user security, it's merely going to preside over the erosion of user security. If the system itself can be eroded or corrupted, then the system itself cannot be trusted, no matter how "best effort" it looks or appears to be.

Of course, the problem is not that there are so many identity certifiers, but that there are nowhere near enough different contexts under which to trust them. Therefore, Honest Achmed's has the same capabilities as Verisign, so Honest Achmed's is treated as equivalent to Verisign.
And without branding in the UI as to what CA is being trusted, we don't even know what jurisdiction might have ordered a violation of our security. (Which is the -real- reason we need branding, even if Mozilla itself doesn't want to provide free advertising to its root program participants [aka "root partners"].)

Without these pieces of information, the security layer is Worse Than Useless, it's a False Sense Of Security Theater. :(

My entire motive to use anything related to the root program is to prevent anyone (including governments) from pretending to be anyone else. If that's not actually the purpose of the root program, I must find a way to blacklist nssckbi from being loaded without having to constantly re-delete the file (which keeps getting recreated on Firefox upgrade). The only way to do this seems to be to prevent it from being touched, but that destroys the capacity to upgrade Firefox.

But my views don't mesh with Mozilla's. I'm stuck asking, "Hey Dan Veditz, did you ever do anything with that thing you wrote down, that there is no means in the UI to identify CAs which have chosen to issue multiple certificates with the same serial number, or provide user functionality for those sites?"

Abductive reasoning suggests that the answer is no, because the crypto is simply not important enough for Mozilla to actually dedicate substantive resources to (the crypto is worked on by Red Hat, a US Federal Government contractor). It would rather simply congratulate itself on almost getting the job done, while leaving the most vulnerable of its users out in the cold, still vulnerable to state abuse. (And nobody is more bitter about state abuse than someone who has actually been abused by the state -- meaning well is all well and good, but if you want to understand the tactics used by the state you should ask an abusee rather than simply reading ongoing leak documentation.)

-Kyle H

On Sun, Sep 8, 2013 at 12:08 PM, Erwann Abalea <[email protected]> wrote:
> I may be considered as over-paranoid, I don't mind.
> Recent news that I'm sure everybody has read have an impact on the whole
> crypto world. Standards, software stacks, hardware implementations, etc.
> This program is also impacted, in a way, because it's about building trust on
> severely damaged foundations (and we still don't know exactly how far those
> have been damaged).
>
> Trying to stay on topic, some questions come to mind:
> - what will happen to government CAs? US ones first (FPKI comes to mind),
> but the same question applies to other governments (CNNIC, other less hostile
> ones)
> - how are the minimum cryptographic requirements going to change? Should
> SHA1 be refused sooner than expected, should the minimum key size be set to a
> higher level, should we promote a move to ECC certs (and under which curve)?
> - there has been some recent work on Mozilla Policy, what can be done again
> on it, is it still necessary to change the rules?
> - I'm still stunned by the stories, but I'm sure you have other questions.
> _______________________________________________
> dev-security-policy mailing list
> [email protected]
> https://lists.mozilla.org/listinfo/dev-security-policy

